Compliance overhaul good for all, writes Tom Stocker
THE four men at the centre of the recent Edinburgh building works corruption case have swapped a lifestyle of lap-dancing bars, drinks receptions and football match hospitality for berths in Saughton Prison.
Two former directors (now disqualified) of Edinburgh Action Building Contracts Ltd pleaded guilty to bribing two former council property services staff to secure a contracts for building works over a four-year period.
Sheriff Michael O’Grady QC said the offences were “very grave indeed”, describing the quartet as an “unholy alliance stealing from and manipulating the public purse almost at will.” The gravity of the offences brought the maximum five-year sentence, minus a guilty plea discount, for one of the men and lesser sentences for his three accomplices.
It is no secret that there are a number of bribery investigations being conducted by Police Scotland, the City of London Police and the Serious Fraud Office. Prosecutors are encouraging companies to self-report bribery in return for more lenient treatment and to blow the whistle on competitors who engage in corrupt practices.
So what can organisations do to prevent being caught up in the next bribery scandal and mitigate against a new offence corporate failure to prevent bribery which was introduced in the Bribery Act 2010?
In our experience at Pinsent Masons, many business could find themselves on the receiving end of allegations of corporate failure in compliance matters and would find it difficult to argue a defence of having in place “adequate procedures” under the Bribery Act.
To have “adequate procedures” there must be real top-level commitment within a business to bribery prevention and the board of directors must be able to demonstrate they are making serious efforts to minimise bribery risks posed by using third-party intermediaries and the misuse of hospitality and other business expenditure.
A risk assessment is a must but many companies fall at this hurdle or, if they have carried out an assessment, it may have been done years ago and then not updated. Due diligence should also be performed on third parties that pose a bribery risk but again, in our experience, this is often not carried out.
It must be communicated to employees that the business has an anti-bribery policy in place, which includes procedures suitable for that business and the conduct expected of employees, and there should be annual or more regular training in those procedures.
The final step is the need to monitor and review those policies and procedures periodically, but again it’s fairly common for this not to be done.
Compliance programmes should be simple and user-friendly so they become part of a company’s “business as usual” processes. For smaller companies a short-form risk assessment and a stated policy may well be enough. For larger businesses or businesses using contractors, the use of technology such as the Cerico compliance platform, can greatly help through automating and speeding up otherwise laborious processes.
Through regular communication and training in, and certification against a company’s ethics policy, it is more difficult for employees to justify or rationalise their actions on the basis that they didn’t know it was wrong – which to the sheriff’s incredulity was a claim made in this court case.
If you compare anti-bribery and corruption practices to health and safety compliance, you can see similarities as it has taken decades to firmly embed health and safety good practice across industry.
There is a similar learning curve in reaching the stage where the widescale adoption of strong anti-bribery and ethical practices is the norm but the tide is turning. Increasingly, large companies subject their supply chain to anti-bribery due diligence and audits. This is leading to many more businesses prioritising anti-bribery compliance because, ultimately, a good anti-bribery management system can now give a company a competitive advantage.
• Tom Stocker is a partner with Pinsent Masons and a director of the compliance technology business Cerico www.pinsentmasons.com